Home > Business >
Senators fail to stop new rules allowing US law-enforcement hacking

Senators fail to stop new rules allowing US law-enforcement hacking

Frances Clayton | December 2, 2016, 6:36

Senators fail to stop new rules allowing US law-enforcement hacking

Senator Ron Wyden (D-OR) and a group of bipartisan senators have attempted to block the Rule 41 changes by introducing a bill, the Stopping Mass Hacking Act.

Also, when agents are investigating a crime that spans five or more different judicial districts in the U.S., the new Rule 41 will allow them to go to just one judge for a warrant, rather than all the courts in all the involved jurisdictions.

Wyden and supporting senators called for the immediate consideration of bills SB 3475 and SB 3485, which would delay the effects of Rule 41 until Congress can address the details in hearings. The change would save time for those in the Justice Department seeking to hack into multiple devices, but would also allow for easier access to hundreds of devices with the authority of just one judge. The rule changes go into effect on December 1, which comes in just a handful of hours.

However, when Republican members of the Senate Judiciary Committee prevented that bill from going to the floor of the Senate for debate and vote, Wyden, joined last month by a bipartisan group of 22 USA senators and representatives, called on Attorney General Loretta Lynch to give Congress more information about the proposed expansion of government hacking and surveillance powers.

In recent months, some judges have dismissed evidence gathered by the Federal Bureau of Investigation as part of a large-scale child pornography sting on the grounds that the search warrants used in those cases exceeded their jurisdiction.

The other rule change is raising concerns about the Fourth Amendment rights of innocent people whose computers have been co-opted into a botnet, which can be composed of millions of computers located all around the world. "Or when a mass hack goes awry and breaks their device, or an entire hospital system and puts lives at risk", he said in a statement.

A challenge could also be submitted to the Judicial Conference, the same body that approved the original rule changes, according to Bijan Madhani, public policy and privacy counsel at the Computer and Communications Industry Association. "Even slight vagaries or miscalculations can result in dramatic expansions of power", he says, citing language in the Computer Fraud and Abuse Act, passed in 1986, that has created "an incredible amount of confusion" over what constitutes a crime.

Under new rules, the Justice Department can ask a federal court for permission to search mobile devices outside the court's district. But three recent government hacks have prompted public debate over whether the approach is allowed under federal rules - and under the US Constitution.

Alphaspirit / Dreamstime.comLest we incorrectly assume that the United Kingdom stands alone in expanding surveillance power, today a controversial rule change granting the Federal Bureau of Investigation much broader authority to remotely hack into computers comes on line. "Remote computer search rules, which were never debated by Congress, go into effect tomorrow unless stopped", tweeted Matt Blaze, an associate professor of computer and information science at the University of Pennsylvania.

If Congress does not act before the clock chimes midnight, then the amended Rule 41 will be in effect.

In part, said Cardozo, that was because the rule change came in an election year, when "Congress wasn't going to get anything done".